Hackers reverse-engineer NSA's spy tools

A team of radio signal hackers has used an NSA manual to build
the agency's spy tools, so that we can start to protect against
them.

Great Scott Gadgets of Colorado explained to the New Scientist how it reverse
engineered something called the Ragemaster and the Surlyspawn,
"retro reflectors" that can harvest audio, keystrokes and images on
a computer its implanted into.

Der Spiegel reported last year how the US intelligence
services, with the help of the CIA and FBI, intercepts laptop
shipments to implant malicious hardware and malware. And the same
newspaper published the catalogue of spy hardware delivered by a division
known as ANT, with prices for the best gadgets around $250,000.

Among them was a piece of kit that lets you see what's on a
computer's screen ($30), a fake mobile phone tower that lets spies
intercept calls ($40,000) and computer bugs disguised as USBs (50
for $1 million).

With this in mind, Michael Ossmann of Great Scott Gadgets wanted
to navigate a path to start defending against all eventualities.
The main problem was, no one knew what a "retro reflector" was in
the context of this type of hardware, and how it could transmit
data wirelessly so far.

Ossmann used the NSA manual Edward Snowden leaked to put
together a version of the NSA tools using technology known as
software-defined radio (SDR), which uses software and
digital-signal-processing chips to manipulate radio signals, their
frequency and power. He used a transistor, with a small piece of
wire as an antenna, to replicate the reflector. Then came the SDR.
New Scientist reports that by manipulating the radio
frequencies to create high-powered radar signals, it prompted the
transistors into action -- it caused them to transmit the keystroke
data on a computer wirelessly.

It's this type of technology that is behind the revelation in January that the NSA could survey unconnected
devices. Just as we all came to terms with the spy agency's habit
of trawling through everybody's personal data, we were told that
tiny devices had been fitted into 100,000 devices to emit radio
waves and transport data. Apparently the only targets were Chinese
and Russian military and drug cartels, but the NSA does appear to
be a fan of mission creep, so Ossmann's work is very welcome by
a number of people.